Re: [leaf-user] Bering VPN questions-School project

Thu, 03 Oct 2002 12:48:24 -0700 

Hello Craig 

Why do you want to use a tunnel through your school net to the 
"private Student" net
By this method you protect the "private student" net against attacks 
from the school net but opens up the school net a litle bit more to the 
outside world
( it is more difficult to get into a tunnel from the outside than to leave 
a tunnel ;) )
I would think that it is saver to keep the school Lan apart from the 
Student Lan 

Why don't you use a different setup 

internet ---Bering Box 1 ------school Lan
internet -- Bering Box 2 --- --Private Student Lan

or even with a second network card in Box 1 as
internet ----Beringbox ..... School Lan
                      ^
                      1
        Private Student lan 
you could use your second Bering box for additional Security or 
someother usefull task .


All three setups can be done with bering
regards 

Eric wolzak

member of the Bering Crew

> Hi folks,
> At our high school, we have some extra, public IP addresses. For a
> project, I want to set up 2 Bering boxes. I want to use our extra public
> IP addresses and have the internet traffic to these addresses "flow
> through" the first Bering box to the final Bering box which will service
> several boxes on a LAN. In between the two Bering boxes is the school
> LAN, which I (obviously) need to safeguard, so I'm thinking that I need
> to create a VPN between the two Bering boxes and have all traffic
> "tunnel" through??? The purpose is to set up boxes on the internal
> private student LAN that students can access from home, etc. by using
> the public IP addresses (We want them to experiment with creating web
> sites and experience, invariably, getting "hacked", etc. while
> protecting the existing school LAN).
> 
> Internet-----Bering Box 1----(School LAN)-----Bering Box 2-----Private
> Student LAN
> 
> 1.) This should be pretty easy to do with Bering, shouldn't it?
> 2.) Will the internal school LAN be effectively protected by creating a
> VPN between the two boxes?
> 3.) Any problems with my scenario that you can see? Comments,
> suggestions...??? (I welcome ALL thoughts and suggestions)
> 
> Thank you,
> Craig



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to